A Vote of No Confidence: Antivirus Effectiveness Falls to All-time Low

Today, Bromium released the results of its “Enterprise Security Confidence Report,” a survey of more than 125 information security professionals, focused on the greatest risks facing organizations today, the effectiveness of various security solutions and the priorities for security architectures.

As we reported in our press release, the survey found increased concern about legacy solutions and users. In particular, confidence in traditional detection-based solutions, such as antivirus and firewalls, is at an all-time low. However, prevention-based technologies that provide proactive protection, such as threat isolation, are seen as foundational to security architecture and effective at defeating cyber attacks.

In addition to discussing these findings, this blog will also present the rest of the results from the “Enterprise Security Confidence Report.” To begin, let us examine the areas of greatest risk.

Q1. “Which do you feel are the greatest areas of risk to your organization? (select any that apply)”

When asked, “which do you feel are the greatest areas of risk to your organization?” the overwhelming response was the user, which makes sense considering users' tendency to click on anything, open anything and circumvent security controls that they find restricting. As you can see, endpoint was also among the top four responses. Together, the user and the endpoint combine to create the perfect storm of risk. Interestingly, cloud services and mobile devices were also among the top responses. Both are relatively recent technology initiatives that are clearly creating risk for many organizations, as they remove centralized control from security teams.

Q2. “Are you confident in the ability of traditional endpoint protection systems, such as antivirus, to detect unknown threats, such as zero days?”

Q4. “Which of the following technologies do you feel are effective security solutions?”

When asked to select effective security solutions, 58 percent selected endpoint threat isolation. Network-based solutions, specifically intrusion detection/prevention systems and network sandboxes, also received a good response, relative to the other solutions.

Q5. “Which stage of adaptive security architecture do you think is most foundational?”

When asked to select which stage of adaptive security architecture is most foundational, the overwhelming majority selected prevention. It is interesting to note that less than 25 percent of respondents selected detection and even fewer selected response. Considering how frequently security vendors market with the FUD of “assuming compromise,” this should be a wake-up call that information security professionals are quite tired of purchasing security solutions that cannot prevent attacks.

Conclusion

Information security professionals have lost faith in traditional solutions, even as they continue to struggle with traditional user risk. Detection-based solutions cannot provide an adequate level of protection. Prevention-based solutions are considered the most foundational, and endpoint threat isolation is considered the most effective. Bromium has pioneered an endpoint threat isolation solution that prevents data breaches with micro-virtualization. To learn more, visit: http://www.bromium.com/products.html